Last week we posted a discussion about issues paying for eBay purchases using PayPal on mobile ever since I turned on 2FA. Following that, PayPal almost immediately reached out to us to say that what I, and some others online, had been experiencing was definitely not how it “should work”.

Due to the sincerity of their explanation and the swiftness with which they contacted us we took down that post allowing them time to “examine my account” and walk me through any potential fix. Jumping to the end, they fixed it!

The integration engineer for PayPal I spoke with wasn’t able to see anything “wrong with my account”. Initially, we checked a few elements of my device, what version of Android was I on (7.1.2 of course!), did I have the latest version of eBay (yes), what was my default browser, Chrome, and then what version of Chrome was I running.

After all of this we determined two things:

  1. I’m a massive nerd with everything nicely updated (daily of course) and running only reputable apps and services.
  2. There was no obvious reason why my eBay app wasn’t “passing the secure payment token”.

How we fixed it felt like a solution right out of Reddit: uninstall and reinstall eBay, clear my Chrome Browser cache. Yerp, that was it. Just to check it worked I bought some Android Stickers, because of course I would, some cleaning fluid for my razor and a few other bits and pieces. They all worked, first go using PayPal as my payment method 2FA safely on in my settings.

Now I do have the PayPal app installed and authenticated, I’m not sure if that’s necessary but it didn’t seem so. The engineer didn’t want to give away too much about how this system works, for obvious reasons, but it seems to be based on a payment token.

As far as I could tell, as I have “authenticated” my PayPal and eBay accounts together my eBay account has a “payment token” saved. Using this token eBay can bypass the need to login or use 2FA and just process the payment via PayPal.

While I stand by other elements of my article last week — that having to re-enter the 2FA token to open the mobile app is crazy — users should at least have the choice of allowing fingerprint log in once they have authenticated once in the app — I have to concede that it looks like Payments via PayPal on mobile with 2FA are NOT a red hot mess.

The payment experience today is exactly what I would want it to be, I click pay, it paid, all in the eBay app and yay it was good. I have to admit I was actually anxious as I’m used to having a large amount of burden to pay, still, I’m assured my $$ are still safe and 2FA protected :).

For PayPal to have taken the interest to track me down through a PR firm, review my account and have an Engineer talk me through getting it working I think is a fairly strong indication that they take their security very, very seriously, not to mention their reputation.

So if you’re having eBay payment issues via PayPal on mobile try reinstalling the eBay app and flushing your browser cache! If it doesn’t work for you, reach out to us in the comments and we will try and help out.

4 Comments
newest
oldest
Inline Feedbacks
View all comments
Philip Clark

It’s still pretty ridiculous that Paypal’s definition of 2 factor authentication is a text message every time you log in or use paypal, regardless of if you’re doing it from the same device repeatedly. At the very least there should be an option to remember authenticated devices. If your security measure completely kills the convenience of using a service, you’re doing it wrong.

Adam Milligan

Even with 2FA, I find it hard to take a company that seriously on security when they will not allow you to create a password longer than 20 characters. If I want to use a 40 character password, why should the technical limitations of their system prevent that?

Narbett

Really though, how many times can you repeat your cat’s name and your year of birth…